TLS can't connect ldap+freeradius+novell
Jorgen Rosink
jrosink at gmail.com
Mon Jul 23 12:39:58 CEST 2007
On 7/23/07, Jorgen Rosink <jrosink at gmail.com> wrote:
> On 7/23/07, Martin G <kapten_kanelbulle at hotmail.com> wrote:
>
> > If that's some kind of help!?
>
> There's a step-by-step howto on the Novell site:
>
> http://www.novell.com/documentation/edir_radius/index.html
>
> The section:
>
> Configuring the FreeRADIUS Server to Integrate with eDirectory ->
> Modifying the LDAP Module
>
> seems pretty self-explanatory, follow the instructions, they do work!
>
> Try to understand the difference between TLS and SSL,
> http://en.wikipedia.org/wiki/Transport_Layer_Security, this makes
> debugging the encryption stuff much easier.
>
> Good luck!

Oh, I forgot to say this:
* You're connecting to the LDAP server with an IP address:
    URI ldap://10.10.0.11 ldap://10.10.0.11
* But the LDAP server is using a DNS based certificate:
    "Transport Layer Security (TLS / SSL)"
    Server Certificate: "SSL CertificateDNS"

Try to change that one to "SSL CertificateIP" or connect to LDAP from
FreeRadius with a FQDN, don't care about host files. Certificate
validation doesn't care about host files, it cares about the Common
Name...
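
Added example, not part of the original post and not FreeRADIUS, OpenLDAP or Novell code: a sketch of the name comparison a TLS client makes between the host in the LDAP URI and the names in the server certificate. The certificate contents, the name edir.example.com and all function names are assumptions; it also handles subjectAltName entries, which the post does not mention.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed sample certificates in the dict shape ssl.SSLSocket.getpeercert()
# returns. "edir.example.com" is made up; 10.10.0.11 is the address from the post.
CERT_DNS = {"subject": ((("commonName", "edir.example.com"),),)}
CERT_IP = {"subject": ((("commonName", "10.10.0.11"),),)}


def cert_names(cert):
    """Names the certificate vouches for: subjectAltName entries, else the CN."""
    sans = [value for kind, value in cert.get("subjectAltName", ())
            if kind in ("DNS", "IP Address")]
    if sans:
        return sans
    return [value for rdn in cert.get("subject", ())
            for key, value in rdn if key == "commonName"]


def as_ip(text):
    """Parse text as an IP address, or return None for a DNS name."""
    try:
        return ipaddress.ip_address(text)
    except ValueError:
        return None


def name_matches(host, name):
    """Compare the host the client was given with one name from the certificate."""
    host_ip, name_ip = as_ip(host), as_ip(name)
    if host_ip is not None or name_ip is not None:
        # An IP only matches the same IP: no wildcard, no DNS or hosts lookup.
        return host_ip is not None and host_ip == name_ip
    host, name = host.lower().rstrip("."), name.lower().rstrip(".")
    if name.startswith("*."):
        # A wildcard covers exactly one left-most label.
        return "." in host and host.split(".", 1)[1] == name[2:]
    return host == name


def check_uri(uri, cert):
    """Return (ok, host, names) for an ldap:// or ldaps:// URI and a certificate."""
    host = urlsplit(uri).hostname or ""
    names = cert_names(cert)
    return any(name_matches(host, n) for n in names), host, names


if __name__ == "__main__":
    for uri in ("ldap://10.10.0.11", "ldap://edir.example.com"):
        for label, cert in (("DNS cert", CERT_DNS), ("IP cert", CERT_IP)):
            print(uri, label, check_uri(uri, cert))
```

The comparison works on the string in the URI, so a hosts-file entry mapping a name to 10.10.0.11 changes nothing unless the URI itself uses that name.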